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Good  morning.  I  had  such  a  great  time  last  year — could  not  resist  the  invitation  to  this  year’s 
1996  InfoTech  conference.  A  great  deal  has  changed  in  the  past  year.  It  reminds  me  of  the  words 
probably  spoken  by  Eve  when  she  and  Adam  left  the  Garden  of  Eden:  "Adam,"  said  Eve,  "We 
live  in  a  time  of  great  transition." 


We  live  in  a  similar  time  today.  We  have  won  a  great  Cold  War  with  the  former  Soviet 
Union — but  five  years  later,  we  still  have  not  found  a  term  better  than  "post-Cold  War"  to 
describe  the  current  era.  It  is  a  term  that  describes  where  we  are  today  relative  to  the  past.  But 
what  about  our  relationship  with  the  future? 


Our  society,  and  indeed,  those  of  the  first  and  third  world  nations  alike,  are  riding  the  wave  of  the 
"Information  Revolution."  It  is  driven  by  the  breathtaking  advances  being  made  in 
microprocessors  and  telecommunications.  The  general  trend  we  have  seen  since  the  1970s  has 
been  about  a  ten-thousand  fold  improvement  in  processing  capability  at  nearly  the  same  cost. 


The  advances  are  proceeding  at  a  rate  described  by  Moore's  Law.  This  empirical  relationship  says 
that  computer  chips  get  twice  as  powerful  every  18  months.  The  same  $2500  that  bought  the 
original  Macintosh  in  1984  with  128K  of  random  access  memory  (RAM)  and  the  Motorola  68000 
processor  now  buys  a  180  MHz  Performa  with  a  RISC-based  PowerPC  processor,  32MB  of  RAM, 
1.2GB  hard  drive,  an  eight-speed  CD-ROM,  and  a  28.8k  Fax  Modem.  We  project  that  we  will 
have  another  thousand  fold  improvement  over  the  next  15  years  at  the  rate  of  advance  predicted 
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by  Moore's  Law. 


This  kind  of  progress  is  transforming  the  world  we  live  in.  Last  month,  we  celebrated  the  50*** 
anniversary  of  the  first  modern  digital  computer.  It  was  known  as  the  Electronic  Numerical 
Integrator  and  Computer,  or  ENIAC  for  short.  ENIAC  was  developed  by  the  University  of 
Pennsylvania  and  installed  at  the  Army's  Ballistic  Research  Laboratory,  in  Aberdeen,  Maryland. 
It  had  been  designed  to  help  solve  a  pressing  Cold  War  defense  issue  of  the  late  1940s — calculating 
the  trajectories  of  artillery  rounds.  This  anniversary  coincided  with  the  award  of  a  new  DoD 
contract  to  install,  at  that  same  location,  high-speed  supercomputers  with  a  computational 
capacity  in  excess  of  1 00  million  times  that  of  the  original  ENIAC. 


Where  I  live  in  Fairfax  County,  Northern  Virginia,  parents  of  students  in  the  gifted-talented 
program  are  expected  to  have  a  486  or  better  home  computer  with  internet  e-mail  accounts. 
Twelve  year  old  students — 7***  graders — have  the  e-mail  addresses  of  their  teachers  and  regularly 
send  homework  over  the  internet.  Many  of  these  students  have  access  to  free  e-mail  services.  And 
when  they  are  not  e-mailing  their  homework  to  teachers,  they  are  engaging  in  old  fashioned 
"chit-chat"  with  their  friends  and  relatives  across  the  country  via  the  internet. 


Some  of  these  twelve  year  olds  will  be  America’s  warfighters  in  the  early  21  century.  They  along 
with  America’s  coalition  partners,  will  help  define  and  secure  that  elusive  "post-Cold  War"  future 
I  spoke  of  earlier.  To  operate  successfully  on  the  21®^  Century  battlefield  our  warfighters  will  need 
a  superior  awareness  of  the  battlefield.  It  means  knowing  the  status  of  enemy  and  friendly  forces. 
It  even  means  having  intelligence  on  enemy  intentions.  Our  forces  will  need  this  to  make  decisions 
faster  than  their  adversaries.  This  is  what  it  means  to  have  "information  dominance." 


INFORMATION  DOMINANCE 


To  achieve  information  dominance,  I  see  a  greater  move  to  what  I  call  large  scale 
"system-of-sy stems"  architectures  with  global  span  and  highly  networked,  mobile  elements.  It  will 
place  a  premium  on  being  able  to  put  together  complex  software  and  the  various  legacy 
components  that  we  have  developed  in  the  way  of  sensor  systems,  communication  systems  and 
weapon  systems. 


There  is  a  great  range  of  opportunity  for  improvements  here  without  major  investments  in  the 
component  systems  themselves,  by  providing  the  systems  engineering  and  the  system  integration 
glue  to  tie  together  in  a  better  way  those  components.  Many  of  you  sitting  in  the  audience  today 
are  playing  a  critical  role  in  these  endeavors,  understanding  as  you  do,  the  aspects  of  many  of 
these  systems  and  how  they  can  be  better  configured  and  tied  together  to  be  more  effective  in  a 
closed  cycle  sense. 


The  implications  of  system-of-systems  architectures  are  enormous.  It  means  that  any  particular 
system  depends  on  a  wide  variety  of  separate  physical  and  software  support  elements  and  any 
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particular  element  is  supporting  a  wide  variety  of  different  systems.  We  are  taking  existing 
distributed  systems  of  this  sort  and  building  larger  systems  out  of  them. 


Earlier  last  summer,  for  example,  the  submarine  and  special  operations  community  just 
completed  a  related,  very  successful  Advanced  Concept  Technology  Demonstration — ^ACTD — ^to 
integrate  attack  submarines  into  the  nation's  larger  system-of-systems  C4ISR  (Command, 
Control,  Communications,  Computers,  Intelligence,  Surveillance,  and  Reconnaissance) 
architecture.  In  this  case,  a  nuclear  attack  submarine,  the  USS  CHICAGO,  took  control  of  the 
Predator  Unmanned  Aerial  Vehicle  in  a  demonstration  with  Navy  SEALs  off  San  Clemente 
Island,  California. 


This  effort  is  a  significant  first:  it  is  the  first  example  of  a  Predator  vehicle  and  sensors  being 
controlled  from  a  Navy  submarine.  Some  people  in  the  submarine  community  have  commented 
that  "this  is  the  most  exciting  thing  that  has  happened  in  submarine  warfare  since  the  nuclear 
reactor."  I  agree  with  them — rather  than  having  a  15  foot  periscope,  the  submarine  effectively  had 
a  15,000  foot  periscope. 


For  the  purposes  of  this  demonstration,  the  submarine  was  configured  with  a  super  high 
frequency  23  dB  gain  fiat  plate  antenna,  similar  to  that  used  for  direct  broadcast  TV,  except 
adapted  for  seagoing  conditions  unique  to  submarines.  A  SUN  SPARC  workstation  was  used  for 
directional  control  of  the  antenna.  A  JDISS  terminal  was  put  on-board  to  insure  a  video 
re-broadcast  at  32  kilobits-per-second. 


The  Predator  was  directed  to  conduct  target  surveillance  in  order  to  plan  a  real-time  SEAL 
insertion-including  dynamic  re-tasking  and  bomb  damage  assessment.  The  demonstration 
included  control  of  the  UAV  from  the  submerged  attack  submarine  at  periscope  depth  from  a 
range  of  about  100  nautical  miles. 


A  number  of  new  systems  are  coming  on-line  in  addition  to  unmanned  aerial  vehicles  like  the 
Predator.  We  are  developing  and  fielding  systems  like  JSTARS,  or  the  Joint  Surveillance  Target 
Attack  Radar  System.  From  the  outside,  JSTA^  looks  like  an  ordinary  Boeing  707 — one  you 
might  expect  to  find  in  some  commercial  air  cargo  fleets.  But  inside,  as  many  of  you  know,  the  jet 
is  packed  with  an  advanced  moving  target  indicator  and  synthetic  aperture  radar  and  advanced 
computer  processing  and  communications  systems. 


The  jet  is  the  airborne  platform  for  a  powerful  surveillance,  targeting  and  battle  management 
"system-of-systems"  capability — one  well  suited  to  the  requirements  of  the  NATO  Alliance 
Ground  Surveillance  system.  We've  used  this  capability  to  great  advantage  in  Bosnia.  For 
example,  JSTARS  has  flown  51  missions  in  Bosnia,  covering  a  total  area  of  747  million  square 
kilometers  or  about  75  times  the  land  area  of  the  United  States.  On  a  typical  mission,  JSTARS 
spent  an  average  of  eight  and  half  hours  on  station;  and  filling  up  the  60  Gbytes  of  mass  storage 
on-board.  Over  the  51  missions,  6,950  radar  service  requests  were  met.  There  were  38  million  total 
detections  and  26,000  total  revisits.  To  secure  an  overwhelming  advantage,  commanders  will  need 
a  third  capability:  the  C3  and  planning  tools  to  achieve  something  I  call  "Dominant  Battle  Cycle 
Time"  or  the  ability  to  act  before  an  adversary  can  react. 
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Our  strategy  is  to  ensure  that  US  forces  possess  an  overwhelming  capability  of  "information 
dominance."  Just  as  the  United  States  possessed  an  overwhelming  nuclear  capability  and  extended 
a  "nuclear  umbrella"  over  our  allies  during  the  cold  War,  so  too  will  the  United  States  extend  an 
"information  umbrella"  over  our  coalition  partners  in  the  21®*  Century. 


This  is  being  demonstrated  in  Bosnia  today.  The  NATO  IFOR  is  breaking  new  ground  on  how  we 
view  interoperability  with  our  friends  and  allies.  Even  before  IFOR,  our  Warsaw  initiative  was 
aimed  at  improving  interoperability  of  command  and  control  systems  with  the  nations  of  central 
Europe.  IFOR  demonstrated  that  this  need  was  real. 


Fundamentally,  our  command,  control,  communications,  intelligence  and  logistics  systems  must  be 
interoperable.  Generally,  we  are  achieving  this  in  IFOR  through  setting  common  standards,  as 
well  as  providing  access  to  a  secure  tactical  internet  with  multi-level  security  through  our 
Info-Comm  initiative. 


In  the  future,  information  dominance  will  allow  the  US  to  deploy  small,  more  lethal,  and  dispersed 
units  to  accomplish  missions  performed  today  by  much  larger  forces.  We  are  examining  such  new 
warfare  concepts  in  ACTDs  such  as  SEA  DRAGON.  The  key  to  the  effectiveness  of  these  small 
units  will  be  the  possession  of  superior  dynamic  situational  awareness  and  communications. 
Offensively,  these  small  units  will  be  able  to  concentrate  direct  and  remote  fires  on  a  massed 
enemy  force.  Defensively,  they  will  enjoy  the  advantage  of  being  dispersed.  Small  unit  operations 
is  just  one  of  the  new  emerging  warfighting  concepts  enabled  by  information  dominance. 


INFORMATION  SYSTEMS  SURVIVABILITY 


Our  information  dominance  strategy  has  a  down  side  a  well.  Our  ability  to  project  power  will 
become  increasingly  dependent  on  the  power  of  our  computing  systems  and  their  integrity  and 
robustness  over  time.  DoD  systems  and  networks  are  interconnected  with  a  large  number  of  other 
large-scale  systems  such  as  public  phone  systems,  the  power  grid,  our  banking  systems,  and  our 
air  traffic  control  systems.  Each  of  these  systems  is  itself  a  large-scale  distributed  computing  and 
networking  system,  and  all  of  them  are  based  on  readily  available  computing  technology  with 
their  own  large-scale  vulnerabilities. 


It  is  in  this  context  that  I  would  like  to  talk  to  you  about  "Information  System  Survivability." 
when  I  use  this  term,  I  mean  the  ability  of  large-scale  systems-of-systems  to  continue  adequate 
performance  of  critical  services  even  after  attacks  have  taken  place — ^physical  attacks  on  the 
networks,  logic  attacks  on  the  computing  elements,  or  internal  compromises. 


This  is  a  different  focus  than  the  traditional  security  focus,  where  security  people  tend  to  focus  on 
keeping  the  bad  guys  out  by  building  a  barrier  or  fire  wall.  The  focus  here  is  to  do  as  much  of  that 
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as  you  possibly  can,  but  it  acknowledges  the  fact  that  no  barrier  can  be  perfect.  At  some  point, 
building  higher  walls  simply  leads  to  diminishing  returns — a  Maginot  Line.  Therefore  the  critical 
question  is  what  do  you  do  when  the  barrier  is  penetrated. 


The  goal  of  an  effective  information  survivability  strategy  is  to  maintain  a  smooth,  tight,  and 
effective  decision  cycle  that  runs  within  the  cycle  of  our  adversaries  even  though  enemies  can 
possibly  intrude  into  your  systems  and  you  have  absorbed  information  warfare  attacks.  We  still 
must  be  able  to  act  and  react  quicker  than  our  adversaries  can  in  this  environment. 


As  we  move  to  large-scale  systems-of-systems,  one  has  to  acknowledge  that  as  you  do  this,  you 
integrate  the  vulnerabilities  of  the  different  components.  And  so  a  failing  or  compromised  router 
can  have  implications,  not  just  for  a  single  system,  but  for  a  variety  of  component  systems  and  for 
the  overall  system-of-systems.  A  compromised  piece  of  software  in  any  of  these  nodes  might  be 
able  to  reach  across  and  destroy  other  systems'  components  running  within  that  same  node. 


To  design  survivability  into  our  information  systems,  it  is  my  sense  that  we  will  have  to  look 
beyond  building  higher — and  more  costly — barriers  to  entry.  Barriers  have  a  role,  but  we  need  a 
broader  view.  One  such  view  involves  looking  at  how  living  organisms,  and  perhaps  populations 
and  societies  operate.  So  it  is  worthwhile  to  ask:  What  is  it  about  these  things  that  lets  them  be 
survivable?  If  you  look  at  organisms,  they  almost  all  have  some  barrier  to  entry,  skin,  membranes 
and  the  like,  things  to  keep  out  attacking  elements. 


This  barrier  in  living  organisms  is  an  "immune  system."  So  that  even  after  the  bad  guys  got  in,  we 
have  ways  of  finding  them  and  getting  them  out.  Many  living  organisms  have  sacriflcial 
organisms,  like  tonsils — no  one  really  knows  why  tonsils  exist  in  the  human  body,  but  one  thing 
they  do  right  now  is  they  get  infected  and,  having  got  infected,  they  let  the  body's  immune  system 
see  the  infecting  elements.  So  they  are  an  information-gathering  element  that  lets  the  rest  of  the 
system  respond. 


We  see  enormous  degrees  of  fault  tolerance  and  the  ability  to  maintain  homeostasis  in  organisms, 
that  is,  to  preserve  the  critical  functions,  say  by  restricting  blood  flow  to  the  extremity  to  maintain 
heat  in  the  interior.  Now,  interestingly  enough,  you  see  exactly  these  same  kinds  of  functions  going 
on  at  the  macro  scale  in  societies.  We  have  public  health  systems  at  every  level.  We  have  market 
economies  that  allocate  resources — a  macro  scale  version  of  homeostasis  of  the  body.  We  have 
duplication  of  skills  across  individuals,  so  that  no  individual  is  indispensable  and  we  see  the 
organization  into  subgroups  that  autonomously  attack  goals  without  central  coordination  or 
without  a  lot  of  it.  And  finally,  at  the  population  level  we  see  that  variability  within  the  species  is 
key  to  the  survival  of  the  species. 


Now,  you  might  ask  why  in  the  world  am  I  talking  about  all  of  this,  what  does  this  have  to  do  with 
keeping  our  information  system  secure?  The  answer  is  that  these  are  very  suggestive  of  ways  we 
might  think  of  engineering  a  strategy  for  survivable  systems-of-systems. 
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At  least  three  major  elements  are  suggested  by  these  biological  and  social  models.  The  first  is  that 
the  survivable  system  of  systems  has  to  have  a  public  health  infrastructure,  something  that  can 
protect  the  population  by  noticing  the  attack,  responding  to  that  attack,  trying  to  understand 
larger  plans  of  the  attack,  having  means  for  isolating  and  quarantining  it  and  for  gathering 
information  and  understanding  it.  The  public  health  systems  at  the  macro  level  depend  upon  the 
immune  system  at  the  micro  level. 


Second,  it  needs  to  be  adaptive  as  it  loses  resources,  either  because  those  resources  are  diverted  to 
defiecting  attacks  or  because  resources  are  compromised.  It  needs  to  reallocate  its  resources  to  get 
its  critical  task  done. 


Now,  the  final  major  theme  is  that  of  diversity.  We  know  from  looking  at  biological  systems  that  if 
you  plant  all  of  the  Midwest  m  the  same  variety  of  corn,  sooner  or  later  an  insect  or  disease  is 
going  to  show  up  and  you're  going  to  lose  all  of  it.  It’s  not  only  that  you’ll  lose  all  of  it. 


Diversity  is  an  important  property  of  populations — for  large-scale  systems  it's  a  key  to  their 
survival.  It's  not  only  that,  but  it's  a  hedge  against  the  unknown.  You  can't  possibly  foresee  every 
attack,  but  by  having  enough  diversity  you  can  make  sure  that  most  attacks  don't  succeed  in 
taking  out  everything  and  therefore  that  you  have  enough  resources  left  to  reconstitute. 


The  problem  for  our  computer  ecology,  as  it  were,  is  that  economic  forces  make  us  move  in  exactly 
the  opposite  direction.  There  is,  after  all,  a  reason  why  90%  of  the  systems  on  desktops  are  more 
or  less  the  same  system  and  while  90%  of  our  servers  are  more  or  less  the  same  system — ^Windows 
in  one  case,  UNIX  in  the  other,  at  the  moment.  Over  time,  what  those  systems  are  will  change,  but 
the  general  forces  towards  uniformity  are  very  strong  and  powerful. 


The  challenge  then  is  to  figure  out  ways  to  get  variability  even  though  there  are  large-scale  forces 
forcing  us  towards  uniformity.  You  can  imagine  that  general  approach  of  looking  for  variability 
within  common  interfaces  as  a  compromise  between  the  economic  forces  and  robust  survivability. 
We  can  have  uniformity  at  the  interfaces,  but  variability  within.  We  are  very  much  looking  for 
techniques  that  give  us  different  ways  for  engendering  that  variability  at  different  levels  of  the 
computing  hierarchy. 


At  the  moment  there  does  not  exist  a  community  organized  around  these  immature  intellectual 
ideas.  You  don't  look  at  computer  science  departments  for  example  and  see  groups  in  them 
labeled  survivability  or  adaptive  large-scale  systems  or  anything  like  that.  Within  the  DoD,  the 
DARPA  Information  Technology  Office  is  pursuing  a  focused  program  of  applied  research  along 
these  lines.  At  the  national  level,  the  Presidential  Commission  on  Critical  Infrastructures  is 
addressing  some  of  the  larger  policy  issues  associated  with  implementation  of  a  national 
"information  survivability"  strategy. 


I  think  it's  a  given  that  when  you  start  a  new  field  like  this,  it's  going  to  be  disorganized  for  awhile. 
We  will  have  lots  of  competing  ideas  fighting  against  one  another  and  no  clear  way  of  deciding 
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between  them.  1  think  that  will  be  characteristic  of  this  field  for  awhile.  It  is  a  critical  new 
field — one  with  new  terms  like  "canary,"  "honeypot,"  and  "tarbaby."  We  will  need  to  attract  the 
best  and  brightest  to  this  new  career  field.  For  our  combat  forces,  information  dominance  is  too 
powerful  to  pass  up  because  of  potential  vulnerabilities — ^we  must  address  these  issues  head  on. 


DUAL-USE  SYNERGY 


One  final  note  is  in  order  at  this  point.  "Information  survivability"  is  not  just  a  DoD  issue.  There 
is  a  substantial  amount  of  overlap  in  the  interests  of  the  DoD,  banks,  telephone  companies  and 
public  utilities  in  implementing  survivable  information  systems.  In  some  cases,  the  private  sector 
vulnerability  is  a  more  urgent  and  challenging  concern.  The  desire  of  banks  to  protect  electronic 
funds-transfer  systems  comes  to  mind  immediately.  This  alignment  of  public  and  private  interests 
implies  that  there  is  great  potential  to  leverage  investments  through  cooperative  development  of 
dual-use  technologies. 


SUMMARY 


In  summary,  it  is  clear  that  we  encounter  some  difficult  challenges  as  well  as  some  significant 
opportunities  as  we  enter  the  next  century.  Our  combat  forces  will  increasingly  exploit  our 
"information  dominance"  to  turn  inside  an  adversary's  decision  cycle.  System-of-systems 
architectures  will  provide  this  kind  of  information  superiority  and  will  dominate  the  21®*  century 
battlefield.  In  this  environment,  the  United  States  will  need  to  extend  an  "information  umbrella" 
over  our  friends  and  allies  during  coalition  operations. 


Reliance  on  large  system-of-systems  architectures  will  expose  our  forces  to  significant 
vulnerabilities.  The  traditional  approach,  providing  a  wall  around  our  systems,  will  not  be  fully 
effective  against  information  warfare  attacks.  Our  systems  must  be  robust  and  continue  adequate 
performance  of  critical  services  even  after  attacks  have  taken  place. 


To  design  survivability  into  our  information  systems,  it  is  my  sense  that  perhaps  we  will  have  to 
take  a  broader  view  and  perhaps  benefit  from  understanding  how  living  organisms,  populations 
and  societies  survive. 


Information  survivability  or  defensive  information  warfare  is  not  just  a  DoD  issue.  It  is  a  national 
issue.  It  is  a  concern  of  both  public  and  private  institutions.  My  sense  is  that  there  is  a  tremendous 
opportunity  to  leverage  investment  through  cooperative  development  of  dual  use  technologies. 


In  a  famons  1837  lecture,  Ralph  Waldo  Emerson  asked  his  audience,  "If  there  is  any  period  one 
would  desire  to  be  born  in,  is  it  not  the  age  of  revolution,  when  the  old  and  new  stand  side  by 
side...?"  Like  Emerson,  we,  too,  live  in  age  of  revolution — ^the  continuing  explosion  of  information 
systems  raises  rich  new  possibilities  as  well  as  some  important  new  vulnerabilities. 
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Our  challenge  is  to  exploit  the  possibilities  and  eliminate  the  vulnerabilities.  In  this  way,  we  too 
will  live  in  a  period  one  would  desire  to  be  born  in.  I  look  forward  to  working  with  you  as  we 
proceed  to  equip  and  sustain  US  forces  in  the  years  ahead. 


Thank  you  all. 


